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PROBLEM TO BE SOLVED: To obtain a data management 
device which protects digital literary works which are delivered 
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distributed contents from the outside or reads out non- 
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information, right information, and the file name in a data 
management table 105 and writes encryption information and 
right information in the data storage part 106. 
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CLAIMS 



[Claim(s)] 

[Claim 1] It is data control equipment which matches and manages the digital work and access 
information which are circulating. An access information storage means by which the access 
information which includes at least the playback access information which shows whether playback 
of a digital work is permitted for every class of digital work is memorized beforehand, A work 
storage means and a work acquisition means to acquire the digital work with which it is circulating 
and access information is not added from the exterior, A formal distinction means to distinguish the 
class of acquired digital work, and the access information read-out means which reads the access 
information corresponding to the class of acquired digital work from said access information storage 
means, The work write-in means which writes said acquired digital work in said work storage means, 
Data control equipment characterized by having the access information write-in means which 
matches with said digital work written in said work storage means, and writes said read access 
information in said work storage means. 

[Claim 2] Said work write-in means is data control equipment according to claim 1 characterized by 
adding said access information further read to said digital work written in said work storage means. 
[Claim 3] It is data control equipment according to claim 1 which said access information shows 
further whether said record access information permits check-out including record access 
information, and is characterized by said check-out being reproducing to the exterior a digital work 
and the playback access information it corresponding. 

[Claim 4] For said number of check-out upper limits, said record access information is data control 
equipment according to claim 3 characterized by showing the upper limit of the count to check out 
including the number of check-out upper limits. 

[Claim 5] For said migration access information, said access information is data control equipment 
according to claim 1 characterized by showing whether it permits moving a digital work and 
corresponding access information to the exterior further including migration access information. 
[Claim 6] the data control equipment according to claim 1 characterized by said data control 
equipment including a playback means to reproduce said digital work which carried out reading 
appearance of said digital work and the corresponding access information, and carried out reading 
appearance further based on the access information which carried out reading appearance from said 
work storage means. 

[Claim 7] The digital work and access information which are circulating are matched and managed. 
For every class of digital work An access information storage means by which the access information 
which includes at least the playback access information which shows whether playback of a digital 
work is permitted is memorized beforehand, The work acquisition step which acquires from the 
exterior the digital work with which it is the data control approach used with data control equipment 
equipped with a work storage means, and is circulating, and access information is not added, The 
formal distinction step which distinguishes the class of acquired digital work, and the access 
information read-out step which reads the access information corresponding to the class of acquired 
digital work from said access information storage means, The work write-in step which writes said 
acquired digital work in said work storage means, The data control approach characterized by 



including the access information write-in step which matches with said digital work written in said 
work storage means, and writes said read access information in said work storage means. 
[Claim 8] Said work write-in step is the data control approach according to claim 7 characterized by 
adding said access information further read to said digital work written in said work storage means. 
[Claim 9] It is the data control approach according to claim 7 which said access information shows 
further whether said record access information permits check-out including record access 
information, and is characterized by said check-out being reproducing to the exterior a digital work 
and the playback access information it corresponding. 

[Claim 10] For said number of check-out upper limits, said record access information is the data 
control approach according to claim 9 characterized by showing the upper limit of the count to check 
out including the number of check-out upper limits. 

[Claim 1 1] For said migration access information, said access information is the data control 
approach according to claim 7 characterized by showing whether it permits moving a digital work 
and corresponding access information to the exterior further including migration access information. 
[Claim 12] the data control approach according to claim 7 characterized by said data control 
approach containing the playback step which reproduces said digital work which carried out reading 
appearance of said digital work and the corresponding access information, and carried out reading 
appearance further based on the access information which carried out reading appearance from said 
work storage means. 

[Claim 13] The digital work and access information which are circulating are matched and managed. 
For every class of digital work An access information storage means by which the access information 
which includes at least the playback access information which shows whether playback of a digital 
work is permitted is memorized beforehand, It is the record medium which has memorized the data 
management used with data control equipment equipped with a work storage means and in which 
computer reading is possible. Said data management The work acquisition step which acquires the 
digital work with which it is circulating and access information is not added from the exterior, The 
formal distinction step which distinguishes the class of acquired digital work, and the access 
information read-out step which reads the access information corresponding to the class of acquired 
digital work from said access information storage means, The work write-in step which writes said 
acquired digital work in said work storage means, The record medium characterized by including the 
access information write-in step which matches with said digital work written in said work storage 
means, and writes said read access information in said work storage means. 

[Claim 14] Said work write-in step is a record medium according to claim 13 characterized by adding 
said access information further read to said digital work written in said work storage means. 
[Claim 15] It is the record medium according to claim 13 which said access information shows 
further whether said record access information permits check-out including record access 
information, and is characterized by said check-out being reproducing to the exterior a digital work 
and the playback access information it corresponding. 

[Claim 16] For said number of check-out upper limits, said record access information is a record 
medium according to claim 1 5 characterized by showing the upper limit of the count to check out 
including the number of check-out upper limits. 

[Claim 17] For said migration access information, said access information is a record medium 
according to claim 1 3 characterized by showing whether it permits moving a digital work and 
corresponding access information to the exterior further including migration access information. 
[Claim 18] the record medium according to claim 13 characterized by said data management 
containing the playback step which reproduces said digital work which carried out reading 
appearance of said digital work and the corresponding access information, and carried out reading 
appearance further based on the access information which carried out reading appearance from said 
work storage means. 
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DETAILED DESCRIPTION 

[Detailed Description of the Invention] 
[0001] 

[Field of the Invention] This invention relates to the technique which protects especially a digital 

work about the system which circulates a digital work. 

[0002] 

[Description of the Prior Art] The approach of distributing record media with which the digital work 
was recorded, such as CD and CD-ROM, in case ordinary users are provided with the digital work 
which informational digitization progressed in recent years and was expressed using multimedia, and 
the approach of making go via a network and distributing a digital work are used well. 
[0003] In the case of the former, ordinary users can equip a personal computer with distributed CD, 
and can play and enjoy the digital work currently recorded on CD, for example, music. In the case of 
the latter, a digital work is downloaded and used for each personal computer using the 
communication facility of a personal computer. The music distribution system using a contents 
control system as the example is indicated by "music distribution MATTANASHI" (Nikkei 
electronics No. 738 PP 87-1 1 1, Nikkei Business Publications, March 8, 1999 issuance). The file B 
which consists of control information, a decryption key of File A, etc. in which the playback of File 
A and File A which consists of an enciphered music content in this contents control system, 
authorization, disapproval of a copy, etc. are shown is distributed via a network, and it judges 
[ whether it is possible in playback and the copy of File A, and ] using the control information 
included in File B at the time of music playback. 

[0004] According to such a music distribution system, a work can be protected from an unjust 
activity by adding a fixed limit to playback and the copy of contents using the control information 
which shows playback, authorization, disapproval of a copy, etc. 
[0005] 

[Problem(s) to be Solved by the Invention] however, in the conventional music distribution system 
By adding a fixed limit to playback and the copy of a work using the control information which 
shows playback, authorization, disapproval of a copy, etc. which are contained in the negotiation 
contents distributed via the network Digital works, such as music currently recorded on the contents 
distributed via a network, without adding said control information of what can protect a work, CD, 
etc. Since the control information which generally is not enciphered and shows playback, 
authorization, disapproval of a copy, etc. is not added, either When a personal computer etc. is used, 
it can reproduce or copy without a limit of the digital work currently recorded on said CD etc., and 
there is a trouble that protection of a digital work cannot fully be performed. 

[0006] protection of the negotiation contents distributed via the network in order that this invention 
might solve the above-mentioned trouble — in addition, it aims at offering the record medium which 
is recording the data-control equipment which protects the digital work currently recorded on record 
media distributed via a network, without adding said control information, such as contents, CD, and 
CD-ROM, like said negotiation contents, the data-control approach, and data management. 
[0007] 

[Means for Solving the Problem] In order to attain the above-mentioned object, this invention is data 



control equipment which matches and manages the digital work and access information which are 
circulating. An access information storage means by which the access information which includes at 
le*ast the playback access information which shows whether playback of a digital work is permitted 
for every class of digital work is memorized beforehand, A work storage means and a work 
acquisition means to acquire the digital work with which it is circulating and access information is 
not added from the exterior, A formal distinction means to distinguish the class of acquired digital 
work, and the access information read-out means which reads the access information corresponding 
to the class of acquired digital work from said access information storage means, It is characterized 
by having the work write-in means which writes said acquired digital work in said work storage 
means, and the access information write-in means which matches with said digital work written in 
said work storage means, and writes said read access information in said work storage means. 
[0008] Here, said work write-in means may be constituted so that said access information further 
read to said digital work written in said work storage means may be added. Here, said access 
information may show further whether said record access information permits check-out including 
record access information, and said check-out may be constituted so that it may be reproducing to the 
exterior a digital work and the playback access information it corresponding. 
[0009] Here, including the number of check-out upper limits, said record access information may 
constitute said number of check-out upper limits so that the upper limit of the count to check out may 
be shown. Here, further, including migration access information, said access information may 
constitute said migration access information so that it may be shown whether it permits moving a 
digital work and corresponding access information to the exterior. 

[0010] here, said data control equipment may be constituted so that a playback means to reproduce 
said digital work which carried out reading appearance of said digital work and the corresponding 
access information, and carried out reading appearance further based on the access information 
which carried out reading appearance from said work storage means may be included. 
[0011] 

[Embodiment of the Invention] 1 Explain the data control equipment 100 as a gestalt of one 
operation concerning gestalt 1 this invention of operation. Data control equipment 100 is connected 
to the networks 20, such as the Internet and a cable TV, through the communication line 10, as 
shown in drawing 1 . Moreover, Web server 30 which supplies the music information containing the 
contents about music is connected to the network 20. From Web server 30, data control equipment 
100 acquires music information, and memorizes the acquired music information inside. Moreover, 
the music information which contains the contents about music from CD300 is read, and the read 
music information is memorized inside. Moreover, data control equipment 100 reproduces said 
memorized music information, and outputs it by the loudspeaker 1 54. 
[0012] Thus, a user can enjoy music. 

1.1 The configuration data control equipment 100 of data control equipment 100 consists of the 
control approach storage table 101 classified by data format, the access managed table 102 classified 
by data format, the data- format distinction section 103, the data registration section 104, a data 
control table 105, and the data storage section 106, as shown in drawing 2 . 

[0013] As shown in drawing 3 , data control equipment 100 consisted of a microprocessor 151, RAM 
(Random Access Memory)152, a display 153, a loudspeaker 154, a hard disk 156, a keyboard 157, 
the communications department 158, and the read-out section 159, and, specifically, the 
communications department 158 is connecting it to a communication line 10. The computer program 
is memorized by the hard disk 156 and the data-format distinction section 103 and the data 
registration section 104 attain the function to it by performing said computer program memorized by 
the hard disk 156 by the microprocessor 151. Specifically, the control approach storage table 101 
classified by data format, the access managed table 102 classified by data format, the data control 
table 105, and the data storage section 106 consist of hard disks 156. 
(Data-format distinction section 103) The data-format distinction section 103 includes the 
communications department 158 connected with external Web server 30 via the networks 20, such as 
the Internet and a cable TV, and contains the read-out section 159 of the record medium of CD and 



DVE>. 

[0014] The data- format distinction section 103 takes out negotiation contents from external Web 
server 30 based on directions of a user. Said negotiation contents consist of a file A and a file B. File 
A contains encryption contents, such as an enciphered music content. File B contains the access 
information which shows authorization and the disapproval of playback of File A, sound recording, 
and migration, the cipher system which enciphered said encryption contents, and the decryption key 
of said encryption contents. The data-format distinction section 103 outputs the taken-out negotiation 
contents, the file name of File A, and the distinction information which shows that they are 
negotiation contents to the data registration section 104. 

[0015] the data-format distinction section 103 ~ moreover, based on directions of a user, reading 
appearance of the contents which are not enciphered from CD or DVD with which it was equipped is 
carried out, and the contents which carried out reading appearance and which are not enciphered, and 
the distinction information which shows CD or DVD are outputted to the data registration section 
104. Here, the information which shows reproductive authorization and disapproval is also called 
playback access information, and shows whether playback of the contents which have the playback 
access information concerned is permitted. 

[0016] Moreover, the information which shows authorization and the disapproval of sound recording 
is also called sound recording access information, and shows authorization and the disapproval of 
check-out. Moreover, sound recording access information contains the number of check-out upper 
limits which shows the count to which check-out is permitted. Here, check-out reproduces the 
playback access which reproduces contents and contents to other equipments from the equipment 
which has contents, and means reducing the number of check-out upper limits by one in the 
equipment which has said contents. Moreover, check-in returns the access which reproduces contents 
to the original equipment from other equipments, and means increasing the number of check-out 
upper limits one in the original equipment. At this time, it becomes impossible in equipment besides 
the above to use the reproduced contents. 

[0017] Moreover, the information which shows authorization and the disapproval of migration is also 
called migration access information, and shows authorization and the disapproval of migration. Here, 
from the equipment with which migration has contents, contents and all access information are 
reproduced to other equipments, and it says that contents are permanently made impossible [ an 
activity ] in the original equipment to them. 

(The control approach storage table 101 classified by data format) The control approach storage table 
101 classified by data format has memorized two or more groups of data format 201, the data storage 
approach 202, a cipher system 203, the cryptographic key creation approach 204, and the access 
management method 205 and the access existence information 206, as shown in drawing 4 . 
[0018] Data format 201 shows distinction of whether contents are the contents taken out via the 
network, or to be the contents read from record media, such as CD and DVD. "Negotiation contents" 
shows the contents taken out via the network, and "CD" and "DVD" show the contents read from CD 
and DVD, respectively. 

[0019] The data storage approach 202 is a script which shows the approach of processing for 
contents. When data format 201 is "CD", the data storage approach 202 consists of a script shown 
below. Also about the case where data format 201 is "DVD", the data storage approach 202 is the 
same as that of the script shown below. 

(Step 1) A cryptographic key is created using the cryptographic key creation approach 204 
corresponding to the data format 201 which is "CD." 

(Step 2) With the cipher system 203 corresponding to the data format 201 which is "CD", the 
contents read from CD are enciphered using said created cryptographic key, and encryption contents 
are generated. 

(Step 3) It writes in the data storage section 106 by considering the generated encryption contents as 
File A. 

(Step 4) According to the script currently recorded on the access management method 205, the access 
information 222 corresponding to the data format 221 which is "CD" is read from the access 



managed table 102 classified by data format. 

(Step 5) According to the script currently recorded on the access management method 205, data ID 
251, the encryption information 252, the access information 253, and a file name 254 are written in 
the data control table 105. Moreover, it writes in the data storage section 106 by considering the 
encryption information 252 and access information 253 as File B. Here, data ID 251 are the identifier 
of the proper generated for every contents of CD. The encryption information 252 consists of a 
cipher system 261 and a cryptographic key 262. A cipher system 261 is a cipher system determined 
in step 2. A cryptographic key 262 is a cryptographic key created in step 1. The file identification 
child of a file name 254 is an identifier of the proper generated for said every contents. The access 
information 253 is the access information 222 read from the access managed table 102 classified by 
data format. 

[0020] When data format 201 is "negotiation contents 1 ', the data storage approach 202 consists of a 
script shown below. 

(Step 1) The negotiation contents taken out via the network are written in the data storage section 
106. 

(Step 2) Data ID 251, the encryption information 252, the access information 253, and a file name 
254 are written in the data control table 105. Here, data ID 25 1 are the file name of the file A taken 
out via the network. The encryption information 252 consists of a cipher system 261 and a 
cryptographic key 262. A cipher system 261 is a cipher system contained in the file B taken out via 
the network. A cryptographic key 262 is a decryption key contained in the file B taken out via the 
network. The access information 253 is the access information taken out via the network. A file name 
254 is a file name of the file A taken out via the network. 

[0021] A cipher system 203 shows the cipher system at the time of enciphering the contents read 
from "CD" or "DVD", when data format 201 is "CD" or "DVD." According to the example shown in 
this drawing, a cipher system is RSA when data format 201 is "CD" or "DVD." When data format 
201 is "negotiation contents", the cipher system 203 is not memorized. 

[0022] The cryptographic key creation approach 204 shows how to create the cryptographic key used 
with a cipher system 203. According to the example shown in this drawing, when data format 201 is 
"CD" or "DVD", the cryptographic key creation approach 204 is random-number generation. 
Furthermore, when data format 201 is "DVD", the die length of the music currently recorded on the 
head of DVD is considered as the seed in the case of random-number generation. When data format 
201 is "negotiation contents", the cryptographic key creation approach 204 is not memorized. 
[0023] The access management method 205 is a script about access information. When data format 
201 is "CD", the access management method 205 consists of a script shown below. Also about the 
case where data format 201 is "DVD", the access management method 205 is the same as that of the 
script shown below. 

(Step 1) The access information 222 on the access managed table 102 classified by data format is 
read, and it writes in the data control table 105. 

[0024] When data format 201 is "negotiation contents", the access management method 205 is not 
memorized. The access existence information 206 shows whether access information is added. The 
access existence information 206 shows that access information is not added in the case of "0", and, 
in the case of "1", it is shown that access information is added. Since access information is added 
when the access existence information 206 is "0" and data format 201 is "negotiation contents", since 
access information is not added in the example of the control approach storage table 101 classified by 
data format shown in drawing 4 when data format 201 is "CD" or "DVD", the access existence 
information 206 is "1." 

(Access managed table 102 classified by data format) The access managed table 102 classified by 
data format has remembered two or more groups with the access information 222 to be data format 
22 1 , as shown in drawing 5 . 

[0025] Data format 221 consists of "CD" or "DVD" in which it is shown that they are the contents by 
which reading appearance was carried out from record media, such as CD and DVD. Data format 
221 does not contain "negotiation contents." The access information 222 consists of playback access 



23 l;"sound' recording access 232, and migration access 233. It is shown whether the playback access 
231, the sound recording access 232, and the migration access 233 permit playback of contents, 
sound recording, and migration to a user, respectively. "It is possible' 1 shows authorization of 
playback of contents, sound recording, and migration, and "it is impossible" shows disapproval for 
playback of contents, sound recording, and migration. 

(Data control table 105) The data control table 105 has memorized two or more groups of data ID 
251, the encryption information 252, the access information 253, and a file name 254, as shown in 
drawing 6 . 

[0026] Each class supports each contents and one to one which are memorized by the data storage 
section 106. Data ID 251 are an identifier which identifies each contents. The encryption information 
252 consists of a cipher system 261 and a cryptographic key 262. A cipher system 261 is a cipher 
system used when the contents identified with data ID 25 1 were enciphered. A cryptographic key 
262 is a cryptographic key used when the contents identified with data ID 251 were enciphered. 
[0027] The access information 253 consists of playback access 271, sound recording access 272, and 
migration access 273. It is shown whether the playback access 271, the sound recording access 272, 
and the migration access 273 permit playback of the contents identified with data ID 251 to a user, 
respectively, sound recording, and migration. "It is possible" shows authorization of playback of 
contents, sound recording, and migration, and "it is impossible" shows disapproval for playback of 
contents, sound recording, and migration. 

[0028] A file name 254 is a file stored in the data storage section 106, and is a file name of the file 
containing the contents identified with data ID 251. A file identification child, SEPARETA ".", and 
file classification "dat" are combined, and a file name 254 is constituted. The file identification child 
of a file name 254 has the same identifier as data ID 25 1 . 

[0029] In this drawing, a group 281 is an example in case data format is "CD", and a group 282 is an 
example in case data format is a "music content." 

(Data registration section 104) The data registration section 104 receives negotiation contents, the 
file name of File A, and the distinction information that shows that they are negotiation contents 
from the data-format distinction section 103. Moreover, the data registration section 104 receives the 
contents which are not enciphered and the distinction information which shows CD or DVD. 
[0030] The data registration section 104 will perform the script currently recorded on ejection and 
the taken-out data storage approach 202 from the control approach storage table 101 classified by 
data format in the data storage approach 202 corresponding to the data format 201 which is 
"negotiation contents", if the distinction information which shows that they are negotiation contents 
is received from the data-format distinction section 103. 

[003 1] The data registration section 104 will perform the script currently recorded on ejection and 
the taken-out data storage approach 202 from the control approach storage table 101 classified by 
data format in the data storage approach 202 corresponding to the data format 201 which is "CD", if 
the distinction information which shows that it is "CD" is received from the data-format distinction 
section 103. It is also the same as when the data registration section 104 receives the distinction 
information which shows that it is "DVD." 

(Data storage section 106) The data storage section 106 is the same file format as the negotiation 
contents which consist of a file A and a file B, and has memorized contents. 

1.2 Explain actuation of the data control equipment 100 of data control equipment 100 of operation 
using the flow chart shown in drawing 7 . 

[0032] The data-format distinction section 103 from the exterior negotiation contents Ejection and 
the taken-out negotiation contents, The file name of File A and the distinction information which 
shows that they are negotiation contents are outputted to the data registration section 104. Or the 
contents which the data-format distinction section 103 read the contents which are not enciphered 
from CD or DVD with which it was equipped, and were read and which are not enciphered, The 
distinction information which shows CD or DVD is outputted to the data registration section 104. 
The data registration section 104 From the data-format distinction section 103, negotiation contents, 
the file name of File A, and the distinction information that shows that they are negotiation contents 



Reception, Or the data registration section 104 receives the contents which are not enciphered and 
the distinction information which shows CD or DVD (step S101). 

[0033] If the distinction information which shows that they are negotiation contents is received from 
the data-format distinction section 103 (steps S103-S104), the data registration section 104 From the 
control approach storage table 101 classified by data format, the data storage approach 202 
corresponding to the data format 201 which is "negotiation contents" Ejection, By performing the 
script currently recorded on the taken-out data storage approach 202 The file A containing the 
encryption contents taken out via the network is written in the data storage section 106 (step SI 05). 
Data ID 251, the encryption information 252, the access information 253, and a file name 254 are 
written in the data control table 105 (step SI 06). 

[0034] If the distinction information which shows that it is "CD" is received from the data-format 
distinction section 103 (step SI 03), the data registration section 104 By performing the script 
currently recorded on ejection and the taken-out data storage approach 202 from the control approach 
storage table 101 classified by data format in the data storage approach 202 corresponding to the data 
format 201 which is "CD" Using the cryptographic key creation approach 204 corresponding to the 
data format 201 which is "CD", create a cryptographic key (step Sill) and with the cipher system 
203 corresponding to the data format 201 which is "CD" Encipher the contents read from CD using 
said created cryptographic key, and encryption contents are generated (step SI 12). The generated 
encryption contents are written in the data storage section 106 (step SI 13). According to the script 
currently recorded on the access management method 205, the access information 222 corresponding 
to the data format 221 which is "CD" is read from the access managed table 102 classified by data 
format (step SI 14). According to the script currently recorded on the access management method 
205, data ID 251, the encryption information 252, the access information 253, and a file name 254 
are written in the data control table 105. The encryption information 252 and the access information 
253 are written in the data storage section 106 (step SI 15). 

1.3 a conclusion — in case playback, migration, a copy, etc. are processed like "negotiation contents" 
in this way according to the gestalt 1 of operation by enciphering contents and adding access 
information with the cipher system decided beforehand even case [ like the contents which carried 
out reading appearance from CD with which the contents which are not enciphered are recorded ], a 
work can be protected by adding a fixed limit. 

[0035] Moreover, even when a new data format is developed and added, it can respond to a new data 
format easily by adding and writing a new data format, the data storage approach and a cipher 
system, the cryptographic key creation approach, an access management method, and access 
information in the control approach storage table 101 classified by data format, and the access 
managed table 102 classified by data format. 

2 Explain another data control equipment 800 as a gestalt of one operation concerning gestalt 2 this 
invention of operation. 

[0036] Data control equipment 800 is connected to the networks 20, such as the Internet and a cable 
TV, through the communication line 10, as shown in drawing 8 . The accounting server 40 which 
supplies the access [ countervalue / in the case of using Web server 30 which supplies the music 
information containing the contents about music, and contents ] information according to reception 
and a countervalue is connected to the network 20. Data control equipment 800 memorizes the music 
information which acquired music information and was acquired inside from Web server 30, pays the 
countervalue in the case of using contents to the accounting server 40, and receives the access 
information according to a countervalue. Moreover, the music information containing the contents 
about music is read from CD300, and read-out music information is memorized inside. Moreover, 
based on said received access information, data control equipment 800 reproduces said memorized 
music information, and outputs it by the loudspeaker 154. 

[0037] Moreover, data control equipment 800 writes said memorized music information in a record 
medium 811 based on said received access information. The pocket player 401 is equipped by the 
user, and the record medium 8 1 1 with which music information was written in reproduces the music 
information written in the record medium 811, and outputs the pocket player 401 to headphone 402. 



Herd, a recofd medium 811 is a semi-conductor memory card as an example. 
[0038] Thus, a user can enjoy music. 

2:1 The configuration data control equipment 800 of data control equipment 800 consists of the data- 
format distinction section 801, the data format section 802, the access managed table 803 classified 
by data format, the encryption section 804, the data storage section 805, two or more data-format 
data control table 807, the accounting section 808, the data control section 809, the format 
conversion section 810, the input section 812, and a control approach storage table 813 classified by 
data format, as shown in drawing 9 . 

[0039] Like data control equipment 100, data control equipment 800 consisted of a microprocessor, 
RAM, a display, a loudspeaker, the record-medium I/O section, a hard disk, a keyboard, the 
communications department, and the read-out section, and, specifically, the communications 
department is connecting it to a communication line. The computer program is memorized by the 
hard disk and the data-format distinction section 801, the encryption section 804, the accounting 
section 808, the data control section 809, and the format conversion section 810 attain the function to 
it by performing said computer program memorized by said hard disk by said microprocessor. 
Moreover, the access managed table 803 classified by data format, the data storage section 805, and 
the two or more data-format data control control approach storage table 807 and 813 classified by 
data format consist of said hard disks for the data-format distinction section 801 and the accounting 
section 808 including said communications department. 

(Input section 812) The input section 812 consists of said keyboards etc., and, specifically, receives 
from a user the input of the contents identifier which discriminates contents from the supplying 
agency information which shows the supply origin of contents, and the usage of contents. 
[0040] Here, supplying agency information shows whether it is the exterior connected via a network, 
or they are record media, such as CD and DVD. The usage of contents is playback of contents, 
record, or migration. The input section 812 outputs the supplying agency information that the input 
was received, and the contents identifier which identifies contents to the data-format distinction 
section 801. Moreover, the input section 812 outputs the supplying agency information that the input 
was received, the contents identifier which identifies contents, and the usage of contents to the data 
control section 809. 

(Data-format distinction section 801) The data-format distinction section 801 receives supplying 
agency information and the contents identifier which identifies contents from the input section 812. 
[0041] The data-format distinction section 801 is connected with the exterior via networks, such as 
the Internet and a cable TV, like the data-format distinction section 103 of data control equipment 
100. The data-format distinction section 801 will take out the negotiation contents identified by said 
received contents identifier from the exterior, if the supplying agency information which shows the 
exterior connected via a network is received from the input section 812. Said negotiation contents 
consist of a file A and a file B. File A contains encryption contents, such as an enciphered music 
content. File B contains the access information which shows authorization and the disapproval of 
playback of File A, sound recording, and migration, the cipher system which enciphered said 
encryption contents, and the decryption key of said encryption contents. The data-format distinction 
section 801 outputs the taken-out negotiation contents, the file name of File A, and the distinction 
information which shows that they are negotiation contents to the data format section 802. 
[0042] The data-format distinction section 801 is equipped with the read-out section of the record 
medium of CD and DVD again. If the supplying agency information which shows record media, 
such as CD and DVD, is received from the input section 812, from CD with which the 
aforementioned read-out section was equipped, or DVD, the data-format distinction section 801 will 
read the contents which are identified by said contents identifier and which are not enciphered, and 
will output the read contents which are not enciphered and the distinction information which shows 
CD or DVD to the data format section 802. 

(Access managed table 803 classified by data format) Since the access managed table 803 classified 
by data format is the same as the access managed table 102 classified by data format of data control 
equipment 100, explanation is omitted. 



(The control* approach storage table 813 classified by data format) The control approach storage table 
813 classified by data format has memorized two or more groups of data format 951, a cipher system 
952, and the cryptographic key creation approach 953, as shown in drawing 10 . 
[0043] Distinction of whether data format 951 is the contents to which reading appearance of the 
contents was carried out from which record media, such as CD or DVD, is shown. "CD" and "DVD" 
show the contents by which reading appearance was carried out from CD and DVD, respectively. A 
cipher system 952 shows the cipher system at the time of enciphering the contents read from "CD" or 
"DVD", when data format 951 is "CD" or "DVD." According to the example shown in this drawing, 
when data format 951 is "CD" or "DVD", both cipher systems are RSA. 

[0044] The cryptographic key creation approach 953 shows how to create the cryptographic key used 
with the cipher system shown by the cipher system 952. According to the example shown in this 
drawing, when data format 951 is "CD" or "DVD", both the cryptographic key creation approaches 
953 are random-number generation. Furthermore, when data format 951 is "DVD", the die length of 
the music currently recorded on the head of DVD is considered as the seed in the case of random- 
number generation. 

(Data format section 802) The data format section 802 receives negotiation contents, the file name of 
File A, and the distinction information that shows that they are negotiation contents from the data- 
format distinction section 801. Moreover, the data format section 802 receives the contents which are 
not enciphered and the distinction information which shows CD or DVD. 
[0045] A random number will be generated and the data format section 802 will generate the 
character string of 6 figures which identifies contents based on the generated random number, if the 
distinction information which shows CD or DVD is received from the data-format distinction section 
301. The data format section 802 reads the access information 222 corresponding to the data format 
221 which is in agreement with said received distinction information from the access managed table 
$03 classified by data format. 

[0046] Moreover, from the control approach storage table 813 classified by data format, the data 
format section 802 reads the cipher system 952 and the cryptographic key creation approach 953 
corresponding to the data format 95 1 which is in agreement with said received distinction 
information, and generates a cryptographic key using the read cryptographic key creation approach 
?53. Next, the data format section 802 uses said generated character string of 6 figures as data ID 
?1 1. Make said read cipher system 952 into a cipher system 921, and said generated cryptographic 
<:ey is made into a cryptographic key 922. said access information 222 which carried out reading 
ippearance is made into the access information 913, said generated character string of 6 figures is 
nade into a file identification child, said file identification child, SEPARETA ".", and file 
classification "dat" are combined, a file name 914 is generated, and data format 915 is set to "CD." 
Data ID 91 1, the encryption information 912, the access information 913, a file name 914, and data 
format 915 are written in two or more data-format data control table 807. Here, the encryption 
nformation 912 consists of a cipher system 921 and a cryptographic key 922. 
0047] Furthermore, the data format section 802 outputs the received contents which are not 
enciphered, said read cipher system 952, said generated cryptographic key, and a file name 914 to the 
encryption section 804. If the distinction information which shows that they are negotiation contents 
s received from the data-format distinction section 801, the data format section 802 The file 
dentification child who constitutes the file name of said received file A is used as data ID 91 1. The 
npher system contained in said received negotiation contents is made into a cipher system 921. The 
decryption key contained in said received negotiation contents is made into a cryptographic key 922, 
ind access information included in said received negotiation contents is made into the access 
nformation 913, make the file name of said received file A into a file name 914, and let data format 
)15 be "negotiation contents." Data ID 91 1, the encryption information 912, the access information 
)13, a file name 914, and data format 915 are written in two or more data-format data control table 
>07. Here, the encryption information 912 consists of a cipher system 921 and a cryptographic key 
>22. Next, the data format section 802 writes said received negotiation contents in the data storage 
•ection 805 by making the file name of said received file A into a file name. 



(Entfryptio'n 'section 804) The encryption section 804 receives the contents which are not enciphered, 
a cipher system 952, said cryptographic key, and a file name 914 from the data format section 802. 
[0048] If the contents which are not enciphered, a cipher system 952, said cryptographic key, and a 
file name 914 are received, the encryption section 804 will encipher the contents which are not 
enciphered with a cipher system 952 using said cryptographic key, and will write the encryption 
contents which generated and generated encryption contents in the data storage section 805 by 
making a file name 914 into a file name. 

(Data storage section 805) The data storage section 805 has memorized the negotiation contents 
which the encryption contents generated by the encryption section 804 and the data format section 
802 received. 

(Two or more data-format data control table 807) Two or more data-format data control table 807 
remembers groups with data format 915 to be data ID 91 1, the encryption information 912, the 
access information 913, and a file name 914, as shown in drawing 1 1 . 

[0049] Each class supports each contents and one to one which are memorized by the data storage 
section 805. The encryption information 912 consists of a cipher system 921 and a cryptographic key 
922, and the access information 913 consists of playback access 923, sound recording access 924, 
and migration access 925. 

[0050] Since it is the same as the data ID 251 of the data control table of data control equipment 100, 
a cipher system 261, a cryptographic key 262, the playback access 271, the sound recording access 
272, the migration access 273, and a file name 254, data ID 91 1, a cipher system 921, a 
cryptographic key 922, the playback access 923, the sound recording access 924, the migration 
access 925, and a file name 914 omit explanation, respectively. 

[0051] Data format 915 shows distinction of whether contents are the contents taken out via the 
network, or to be the contents read from record media, such as CD and DVD. "Negotiation contents" 
shows the contents taken out via the network, and "CD" and "DVD" show the contents read from CD 
and DVD, respectively. 

[0052] In this drawing, a group 901 is an example in case data format is "CD", and a group 902 is an 
example in case data format is "negotiation contents." 

(Accounting section 808) The accounting section 808 is connected with the exterior via networks, 
such as the Internet and a cable TV. 

[0053] The accounting section 808 receives the contents identifier which identifies contents, and the 
usage of contents from the data control section 809. The accounting section 808 performs accounting 
which pays the countervalue in the case of using the contents identified by said received contents 
identifier by the usage of said received contents to the exterior, and receives the access information 
according to said usage from said exterior. The playback access of contents, sound recording access, 
and migration access are contained in access information. 

[0054] The accounting section 808 transposes the access information 913 corresponding to the data 
[D 91 1 which have the same content as said received contents identifier in two or more data-format 
data control table 807 to the access information received from said exterior. 

T)ata control section 809) The data control section 809 receives supplying agency information, the 
:ontents identifier which identifies contents, and the usage of contents from the input section 812. 
X)055] The data control section 809 compares the access information 913 corresponding to the data 
:D 91 1 which have the same content as said received contents identifier in two or more data-format 
lata control table 807 with said received usage, and utilization by said received usage judges how 
K *** is. The data control section 809 will judge with it being available, if the playback access 923 is 
'possible" when said received usage is playback, and if the playback access 923 is "impossible", 
ipecifically, it will judge with utilization being impossible. If the sound recording access 924 is 
'possible" when said received usage is sound recording, it will judge with it being available, and if 
he sound recording access 924 is "impossible", it will judge with utilization being impossible. If the 
nigration access 925 is "possible" when said received usage is migration, it will judge with it being 
ivailable, and if the migration access 925 is "impossible", it will judge with utilization being 
mpossible. 



[005*6] When that it can use judges, the data control section 809 directs to write in the contents which 
changed the contents which will be identified by said received contents identifier to the format 
conversion section 810 based on the sound recording access 924 if sound recording is possible into 
the format to the record medium equipped by the format conversion section 810, and were changed 
into said record medium, and outputs said received contents identifier to the format conversion 
section 810. 

[0057] The data control section 809 ends processing, when that it cannot use judges and said supply 
[ which was received ] former information shows record media, such as CD and DVD. The data 
control section 809 outputs said received contents identifier and the usage of contents to the 
accounting section 808, when that it cannot use judges and it is shown that it is the exterior where 
said supply [ which was received ] former information is connected via a network. When the 
judgment of utilization is again performed after termination of the accounting by the accounting 
section 808 and that it can use judges, as mentioned above, the data control section 809 directs to 
write in the contents which changed into the format to a record medium the contents identified by 
said contents identifier to the format conversion section 810, and were changed into said record 
medium, and outputs said received contents identifier to the format conversion section 810. 
(Format conversion section 810) The format conversion section 810 is equipped with the write-in 
section to a record medium 811. 

[0058] The format conversion section 810 receives directions of format conversion, and a contents 
identifier from the data control section 809. If directions of format conversion are received from the 
data control section 809, the format conversion section 810 reads the contents identified by said 
received contents identifier from the data storage section 805, will be changed into the format to the 
record medium 811 equipped with the read contents by the format conversion section 810, and will 
write the changed contents in a record medium 811. 

(Record medium 81 1) A record medium 811 is a record medium which consists of semiconductor 
memory, a DVD-RAM, etc., and the format conversion section 810 is equipped with it. A record 
medium 811 records the changed contents by the format conversion section 810. 2.2 Explain the 
actuation at the time of the data control equipment 800 of data control equipment 800 of operation 
taking out contents from record media, such as the exterior, or CD, DVD, using the flow chart shown 
in drawing 12 . 

[0059] The input section 812 receives the input of supplying agency information, the contents 
identifier which identifies contents, and the usage of contents, and the data-format distinction section 
801 reads the contents which are discriminated from ejection, CD, or DVD by said contents identifier 
in the negotiation contents discriminated from the exterior by said received contents identifier and 
which are not enciphered from a user (step S 1001). 

[0060] When the distinction information which shows CD or DVD is received from the data-format 
distinction section 801 (step SI 002), the data format section 802 the data format section 802 The 
contents which read access information from the access managed table 803 classified by data format, 
read the cipher system and the cryptographic key creation approach from the control approach 
storage table 813 classified by data format, generated the cryptographic key, and were received and 
which are not enciphered, Said read cipher system 952, said generated cryptographic key, and a file 
name 914 are outputted to the encryption section 804. The encryption section 804 The contents 
which are not enciphered are enciphered with a cipher system 952 using said cryptographic key. 
Encryption contents are generated and the generated encryption contents are written in the data 
storage section 805 using a file name 914 (step SI 006). The data format section 802 Data ID 91 1, the 
encryption information 912, the access information 913, a file name 914, and data format 915 are 
written in two or more data-format data control table 807 (step SI 007). 

[0061] If the distinction information which shows that they are negotiation contents is received from 
the data-format distinction section 801 (steps S1002-S1003), the data format section 802 The data 
format section 802 on two or more data-format data control table 807 Data ID 91 1 The encryption 
information 912, the access information 913, a file name 914, and data format 915 are written in 
(step SI 004). Next, the data format section 802 Said received negotiation contents are written in the 



data storage 1 section 805 using the file name of said received file A (step S1005). 
[0062] Next, the actuation at the time of data control equipment 800 writing contents in a record 
medium 81 1 is explained using the flow chart shown in drawing 13 . The contents identifier to which 
the data control section 809 discriminates supplying agency information and contents from the input 
section 812, The usage of contents reception (step SI 101) and the data control section 809 The 
access information 913 corresponding to the data ID 91 1 which have the same content as said 
received contents identifier in two or more data-format data control table 807, When said received 
usage is compared, utilization by said received usage judges how **** is and that it can use judges, 
if sound recording is possible, based on (step SI 102) and the sound recording access 924 The 
contents identified by said received contents identifier to the format conversion section 810 It 
changes into the format to the record medium with which the format conversion section 810 is 
equipped. It directs to write in the contents changed into said record medium, and said received 
contents identifier is outputted to the format conversion section 810. The format conversion section 
810 The contents identified by said received contents identifier are read from the data storage section 
805. It changes into the format to the record medium 811 equipped with the read contents by the 
format conversion section 810, and the changed contents are written in a record medium 811 (step 
SI 103). 

[0063] The data control section 809 ends (step SI 104) and processing, when that it cannot use judges 
and it is shown that (step SI 102) and said supply [ which was received ] former information are 
record media, such as CD and DVD. When that it cannot use judges, the data control section 809 
(Step SI 102), When it is shown that it is the exterior where said supply [ which was received ] 
former information is connected via a network, (step SI 104) and said received contents identifier, 
The usage of contents is outputted to the accounting section 808. The accounting section 808 The 
accounting which pays the countervalue in the case of using the contents identified by said received 
contents identifier by the usage of said received contents Carry out to the exterior and the access 
information according to said usage From said outside to reception The access information 913 
corresponding to the data ID 91 1 which have the same content as said received contents identifier in 
two or more data-format data control table 807 It transposes to the access information received from 
said exterior (step SI 105), and control is moved to step SI 102, and again, when carrying out a 
utilization judging and judging with it being available, the contents to a record medium 811 are 
written in. 

2.3 If equipped with the record medium 811 with which contents are recorded, the pocket player 401 
pocket player 401 will reproduce the contents which read contents and were read from a record 
medium 811, and will output them to headphone 402. 

2.4 In Collecting, and Taking Out Contents via Network in this Way according to the Gestalt 2 of 
Operation In writing the negotiation contents which consist of contents, access information, and 
encryption information in the data storage section as it is and reading contents from record media, 
such as CD Since only encryption contents are written in the data storage section and data format, 
access information, and encryption information are written in two or more data-format data control 
table Access information and encryption information can be further added to the contents read from 
record media, such as CD, it is not necessary to change into the same file format as negotiation 
contents, and the load of equipment can be mitigated. 

3 In the other gestalten of operation of the modification (1) above, data format, such as "DVD- 
Video", "DVD-Audio", and "being the negotiation contents of the data format of a class two or 
more", may be added instead of CD. 

[0064] Moreover, although [ a record medium 811 ] it is a semi-conductor memory card, they may be 
other record media, such as MD. 

(2) In the gestalt of the above-mentioned operation, although [ equipment ] the contents to which it is 
enciphered and access information is added are acquired via networks, such as the Internet, though 
data control equipment acquires the contents to which it is not enciphered and access information is 
not added via a network, it is good. It sets on the control approach storage table 101 classified by 
data format to the contents of such a class. It has the same data storage approach as "CD" or "DVD", 



a cipher system, the cryptographic key creation approach, an access management method, and access 
existence information. The data registration section 104 Like "CD" or "DVD", an encryption key is 
created, contents are enciphered, encryption contents are written in the data storage section 106, and 
Data ID, encryption information, access information, and a file name are written in the data control 
table 105. 

(3) You may make it be a degree in the gestalt of the above-mentioned operation. The format 
conversion section 810 writes the access information which consists of the playback access to which 
"it is possible" was set, sound recording access to which "it is impossible" was set, and migration 
access to which "it is impossible" was set further in a record medium 81 1 . If equipped with the 
record medium 8 1 1 with which the access information which consists of contents, and the playback 
access to which "it is possible" was set, the sound recording access to which "it is impossible" was 
set and the migration access to which "it is impossible" was set is recorded, the pocket player 401 
Access information is read from a record medium 811, playback access judges whether it is 
"possible", and if it is "possible", the contents currently recorded on the record medium 811 will be 
reproduced. If playback access is "impossible", playback of the contents currently recorded on the 
record medium 811 will not be performed. 

(4) In the gestalt of the above-mentioned operation, the playback access and sound recording access 
which constitute access information, and migration access Although it is shown whether playback of 
contents, sound recording, and migration are permitted to a user, respectively, "it is possible" shows 
authorization of playback of contents, sound recording, and migration and "it is impossible" shows 
disapproval for playback of contents, sound recording, and migration It is good though playback 
access, sound recording access, and migration access are counts which permit playback of contents, 
sound recording, and migration to a user, respectively. It is permitted that a user performs playback 
of contents, sound recording, and migration within the limits of the aforementioned count. If 
playback of contents, sound recording, and migration are performed once, the value of 1 will be 
subtracted from the count of each. 

[0065] Moreover, though said access information is length which permits playback, sound recording, 
and migration, it is good. It is permitted that a user performs playback of contents, sound recording, 
and migration within the permitted length. 

(5) In the gestalt of the above-mentioned operation, although music information is acquired, 
memorized, reproduced, moved and recorded on videotape from record media, such as CD, through a 
network, don't restrict to music information. It is good though it is the multimedia information (for 
example, HTML document) containing static-image information, dynamic-image information, the 
film information that consists of voice and a dynamic image, a computer program, text, control 
information, text, a static image, a dynamic image, voice, etc. 

(6) Though this invention is an approach shown above, it is good. Moreover, though it is the 
computer program which realizes these approaches by computer, it is good, and it is good though it is 
the digital signal which consists of said computer program. 

[0066] Moreover, this invention is good also as what recorded said computer program or said digital 
signal on the record medium in which computer reading is possible, for example, a floppy 
(trademark) disk, a hard disk, CD-ROM, MO and DVD, DVD-ROM, DVD-RAM, semiconductor 
memory, etc. Moreover, it is good though it is said computer program currently recorded on these 
record media, or said digital signal. 

[0067] Moreover, this invention is good also as what is transmitted via the network where said 
computer program or said digital signal is used into a telecommunication circuit, wireless, or a wire 
communication circuit, and it uses the Internet representation, moreover, the thing for which said 
program is recorded on said record medium, and is transported — or by transporting said program via 
a network etc., though carried out according to other independent computer systems, it is good. 

(7) It is good though the gestalt and the above-mentioned modification of the above-mentioned 
implementation are combined, respectively. 

[0068] 

[Effect of the Invention] As explained above, this invention is data control equipment which matches 



and manages the digital work and access information which are circulating. An access information 
storage means by which the access information which includes at least the playback access 
information which shows whether playback of a digital work is permitted for every class of digital 
work is memorized beforehand, A work storage means and a work acquisition means to acquire the 
digital work with which it is circulating and access information is not added from the exterior, A 
formal distinction means to distinguish the class of acquired digital work, and the access information 
read-out means which reads the access information corresponding to the class of acquired digital 
work from said access information storage means, It has the work write-in means which writes said 
acquired digital work in said work storage means, and the access information write-in means which 
matches with said digital work written in said work storage means, and writes said read access 
information in said work storage means. 

[0069] Even when acquiring the contents to which access information is not added, since [ according 
to this configuration ] the access information beforehand decided corresponding to the acquired 
contents is memorized, in case access information is reproduced at least like the "negotiation 
contents" added beforehand, it becomes possible to add a fixed limit and it is effective in the ability 
to be able to protect a work. 

[0070] Here, said work write-in means adds said access information further read to said digital work 
written in said work storage means. Since it memorizes by the file format as the "negotiation 
contents" added beforehand with the access information same by adding access information to the 
contents to which access information is not added further according to this configuration, also in the 
equipment which can manage the negotiation contents to which access information is added 
beforehand, it is effective in the ability to treat these contents similarly. 

[0071] Said access information shows further whether said record access information permits check- 
out here including record access information, and said check-out is reproducing to the exterior a 
digital work and the playback access information it corresponding. Since access information includes 
playback access information and record access information, in case it checks out in addition to 
playback, it becomes possible [ adding a fixed limit ] and is effective in the ability to protect a work. 
[0072] Here, said record access information shows the upper limit of the count which checks out said 
number of check-out upper limits including the number of check-out upper limits. Since record 
access information contains the number of check-out upper limits, in case it checks out, it is effective 
in the ability to restrict check-out within said number of check-out upper limits. 
[0073] Here, said access information shows further whether it permits that said migration access 
information moves a digital work and corresponding access information to the exterior including 
migration access information. Since access information includes playback access information and 
migration access information, in case it moves in addition to playback, it becomes possible [ adding a 
fixed limit ] and is effective in the ability to protect a work. 

[0074] Here, said data control equipment includes a playback means to reproduce said digital work 
which read said digital work and corresponding access information, and read them from said work 
storage means further based on the read access information. According to this configuration, it is 
effective in being reproducible, protecting a digital work. 
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TECHNICAL FIELD 

[Field of the Invention] This invention relates to the technique which protects especially a digital 
work about the system which circulates a digital work. 
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PRIOR ART 

[Description of the Prior Art] The approach of distributing record media with which the digital work 
was recorded, such as CD and CD-ROM, in case ordinary users are provided with the digital work 
which informational digitization progressed in recent years and was expressed using multimedia, and 
the approach of making go via a network and distributing a digital work are used well. 
[0003] In the case of the former, ordinary users can equip a personal computer with distributed CD, 
and can play and enjoy the digital work currently recorded on CD, for example, music. In the case of 
the latter, a digital work is downloaded and used for each personal computer using the 
communication facility of a personal computer. The music distribution system using a contents 
control system as the example is indicated by "music distribution MATTANASHI" (Nikkei 
electronics No. 738 PP 87-1 11, Nikkei Business Publications, March 8, 1999 issuance). The file B 
which consists of control information, a decryption key of File A, etc. in which the playback of File 
A and File A which consists of an enciphered music content in this contents control system, 
authorization, disapproval of a copy, etc. are shown is distributed via a network, and it judges 
[ whether it is possible in playback and the copy of File A, and ] using the control information 
included in File B at the time of music playback. 

[0004] According to such a music distribution system, a work can be protected from an unjust 
activity by adding a fixed limit to playback and the copy of contents using the control information 
which shows playback, authorization, disapproval of a copy, etc. 
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EFFECT OF THE INVENTION 

[Effect of the Invention] As explained above, this invention is data control equipment which matches 
and manages the digital work and access information which are circulating, and it is circulating for 
every class of digital work with an access information storage means by which the access 
information which includes at least the playback access information which shows whether playback 
of a digital work is permitted is memorized beforehand, and the work storage means. A work 
acquisition means to acquire the digital work with which access information is not added from the 
exterior, A formal distinction means to distinguish the class of acquired digital work, and the access 
information read-out means which reads the access information corresponding to the class of 
acquired digital work from said access information storage means, It has the work write-in means 
which writes said acquired digital work in said work storage means, and the access information 
write-in means which matches with said digital work written in said work storage means, and writes 
said read access information in said work storage means. 

[0069] Even when acquiring the contents to which access information is not added, since [ according 
to this configuration ] the access information beforehand decided corresponding to the acquired 
contents is memorized, in case access information is reproduced at least like the "negotiation 
contents" added beforehand, it becomes possible to add a fixed limit and it is effective in the ability 
to be able to protect a work. 

[0070] Here, said work write-in means adds said access information further read to said digital work 
written in said work storage means. Since it memorizes by the file format as the "negotiation 
contents" added beforehand with the access information same by adding access information to the 
contents to which access information is not added further according to this configuration, also in the 
equipment which can manage the negotiation contents to which access information is added 
beforehand, it is effective in the ability to treat these contents similarly. 

[0071] Said access information shows further whether said record access information permits check- 
out here including record access information, and said check-out is reproducing to the exterior a 
digital work and the playback access information it corresponding. Since access information includes 
playback access information and record access information, in case it checks out in addition to 
playback, it becomes possible [ adding a fixed limit ] and is effective in the ability to protect a work. 
[0072] Here, said record access information shows the upper limit of the count which checks out said 
number of check-out upper limits including the number of check-out upper limits. Since record 
access information contains the number of check-out upper limits, in case it checks out, it is effective 
in the ability to restrict check-out within said number of check-out upper limits. 
[0073] Here, said access information shows further whether it permits that said migration access 
information moves a digital work and corresponding access information to the exterior including 
migration access information. Since access information includes playback access information and 
migration access information, in case it moves in addition to playback, it becomes possible [ adding a 
fixed limit ] and is effective in the ability to protect a work. 

[0074] Here, said data control equipment includes a playback means to reproduce said digital work 
which read said digital work and corresponding access information, and read them from said work 
storage means further based on the read access information. According to this configuration, it is 



effective in being reproducible, protecting a digital work. 
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TECHNICAL PROBLEM 

[Problem(s) to be Solved by the Invention] however, in the conventional music distribution system 
By adding a fixed limit to playback and the copy of a work using the control information which 
shows playback, authorization, disapproval of a copy, etc. which are contained in the negotiation 
contents distributed via the network Digital works, such as music currently recorded on the contents 
distributed via a network, without adding said control information of what can protect a work, CD, 
etc. Since the control information which generally is not enciphered and shows playback, 
authorization, disapproval of a copy, etc. is not added, either When a personal computer etc. is used, 
it can reproduce or copy without a limit of the digital work currently recorded on said CD etc., and 
there is a trouble that protection of a digital work cannot fully be performed. 

[0006] protection of the negotiation contents distributed via the network in order that this invention 
might solve the above-mentioned trouble ~ in addition, it aims at offering the record medium which 
is recording the data-control equipment which protects the digital work currently recorded on record 
media distributed via a network, without adding said control information, such as contents, CD, and 
CD-ROM, like said negotiation contents, the data-control approach, and data management. 
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MEANS . 

[Means for Solving the Problem] In order to attain the above-mentioned object, this invention is data 
control equipment which matches and manages the digital work and access information which are 
circulating. An access information storage means by which the access information which includes at 
least the playback access information which shows whether playback of a digital work is permitted 
for every class of digital work is memorized beforehand, A work storage means and a work 
acquisition means to acquire the digital work with which it is circulating and access information is 
not added from the exterior, A formal distinction means to distinguish the class of acquired digital 
work, and the access information read-out means which reads the access information corresponding 
to the class of acquired digital work from said access information storage means, It is characterized 
by having the work write-in means which writes said acquired digital work in said work storage 
means, and the access information write-in means which matches with said digital work written in 
said work storage means, and writes said read access information in said work storage means. 
[0008] Here, said work write-in means may be constituted so that said access information further 
read to said digital work written in said work storage means may be added. Here, said access 
information may show further whether said record access information permits check-out including 
record access information, and said check-out may be constituted so that it may be reproducing to the 
exterior a digital work and the playback access information it corresponding. 
[0009] Here, including the number of check-out upper limits, said record access information may 
constitute said number of check-out upper limits so that the upper limit of the count to check out may 
be shown. Here, further, including migration access information, said access information may 
constitute said migration access information so that it may be shown whether it permits moving a 
digital work and corresponding access information to the exterior. 

[0010] here, said data control equipment may be constituted so that a playback means to reproduce 
said digital work which carried out reading appearance of said digital work and the corresponding 
access information, and carried out reading appearance further based on the access information 
which carried out reading appearance from said work storage means may be included. 
[0011] 

[Embodiment of the Invention] 1 Explain the data control equipment 100 as a gestalt of one 
operation concerning gestalt 1 this invention of operation. Data control equipment 100 is connected 
to the networks 20, such as the Internet and a cable TV, through the communication line 10, as 
shown in drawing 1 . Moreover, Web server 30 which supplies the music information containing the 
contents about music is connected to the network 20. From Web server 30, data control equipment 
100 acquires music information, and memorizes the acquired music information inside. Moreover, 
the music information which contains the contents about music from CD300 is read, and the read 
music information is memorized inside. Moreover, data control equipment 100 reproduces said 
memorized music information, and outputs it by the loudspeaker 154. 
[0012] Thus, a user can enjoy music. 

1.1 The configuration data control equipment 100 of data control equipment 100 consists of the 
control approach storage table 101 classified by data format, the access managed table 102 classified 
by data format, the data-format distinction section 103, the data registration section 104, a data 



control table 105, and the data storage section 106, as shown in drawing 2 . 

[0013] As shown in drawing 3 , data control equipment 100 consisted of a microprocessor 151, RAM 
(Random Access Memory)152, a display 153, a loudspeaker 154, a hard disk 156, a keyboard 157, 
the communications department 158, and the read-out section 159, and, specifically, the 
communications department 158 is connecting it to a communication line 10. The computer program 
is memorized by the hard disk 156 and the data-format distinction section 103 and the data 
registration section 104 attain the function to it by performing said computer program memorized by 
the hard disk 156 by the microprocessor 151. Specifically, the control approach storage table 101 
classified by data format, the access managed table 102 classified by data format, the data control 
table 105, and the data storage section 106 consist of hard disks 156. 
(Data-format distinction section 103) The data-format distinction section 103 includes the 
communications department 158 connected with external Web server 30 via the networks 20, such as 
the Internet and a cable TV, and contains the read-out section 159 of the record medium of CD and 
DVD. 

[0014] The data-format distinction section 103 takes out negotiation contents from external Web 
server 30 based on directions of a user. Said negotiation contents consist of a file A and a file B. File 
A contains encryption contents, such as an enciphered music content. File B contains the access 
information which shows authorization and the disapproval of playback of File A, sound recording, 
and migration, the cipher system which enciphered said encryption contents, and the decryption key 
of said encryption contents. The data-format distinction section 103 outputs the taken-out negotiation 
contents, the file name of File A, and the distinction information which shows that they are 
negotiation contents to the data registration section 104. 

[0015] the data-format distinction section 103 -- moreover, based on directions of a user, reading 
appearance of the contents which are not enciphered from CD or DVD with which it was equipped is 
carried out, and the contents which carried out reading appearance and which are not enciphered, and 
the distinction information which shows CD or DVD are outputted to the data registration section 
104. Here, the information which shows reproductive authorization and disapproval is also called 
playback access information, and shows whether playback of the contents which have the playback 
access information concerned is permitted. 

[0016] Moreover, the information which shows authorization and the disapproval of sound recording 
is also called sound recording access information, and shows authorization and the disapproval of 
check-out. Moreover, sound recording access information contains the number of check-out upper 
limits which shows the count to which check-out is permitted. Here, check-out reproduces the 
playback access which reproduces contents and contents to other equipments from the equipment 
which has contents, and means reducing the number of check-out upper limits by one in the 
equipment which has said contents. Moreover, check-in returns the access which reproduces contents 
to the original equipment from other equipments, and means increasing the number of check-out 
upper limits one in the original equipment. At this time, it becomes impossible in equipment besides 
the above to use the reproduced contents. 

[0017] Moreover, the information which shows authorization and the disapproval of migration is also 
called migration access information, and shows authorization and the disapproval of migration. Here, 
from the equipment with which migration has contents, contents and all access information are 
reproduced to other equipments, and it says that contents are permanently made impossible [ an 
activity ] in the original equipment to them. 

(The control approach storage table 101 classified by data format) The control approach storage table 
101 classified by data format has memorized two or more groups of data format 201, the data storage 
approach 202, a cipher system 203, the cryptographic key creation approach 204, and the access 
management method 205 and the access existence information 206, as shown in drawing 4 . 
[0018] Data format 201 shows distinction of whether contents are the contents taken out via the 
network, or to be the contents read from record media, such as CD and DVD. "Negotiation contents" 
shows the contents taken out via the network, and "CD" and "DVD" show the contents read from CD 
and DVD, respectively. 



[001 f 9] The data storage approach 202 is a script which shows the approach of processing for 
contents. When data format 201 is "CD", the data storage approach 202 consists of a script shown 
below. Also about the case where data format 201 is "DVD", the data storage approach 202 is the 
same as that of the script shown below. 

(Step 1) A cryptographic key is created using the cryptographic key creation approach 204 
corresponding to the data format 201 which is "CD." 

(Step 2) With the cipher system 203 corresponding to the data format 201 which is "CD", the 
contents read from CD are enciphered using said created cryptographic key, and encryption contents 
are generated. 

(Step 3) It writes in the data storage section 106 by considering the generated encryption contents as 
File A. 

(Step 4) According to the script currently recorded on the access management method 205, the access 
information 222 corresponding to the data format 221 which is "CD" is read from the access 
managed table 102 classified by data format. 

(Step 5) According to the script currently recorded on the access management method 205, data ID 
251, the encryption information 252, the access information 253, and a file name 254 are written in 
the data control table 105. Moreover, it writes in the data storage section 106 by considering the 
encryption information 252 and access information 253 as File B. Here, data ID 251 are the identifier 
of the proper generated for every contents of CD. The encryption information 252 consists of a 
cipher system 261 and a cryptographic key 262. A cipher system 261 is a cipher system determined 
in step 2. A cryptographic key 262 is a cryptographic key created in step 1. The file identification 
child of a file name 254 is an identifier of the proper generated for said every contents. The access 
information 253 is the access information 222 read from the access managed table 102 classified by 
data format. 

[0020] When data format 201 is "negotiation contents", the data storage approach 202 consists of a 
script shown below. 

(Step 1) The negotiation contents taken out via the network are written in the data storage section 
106. 

(Step 2) Data ID 251, the encryption information 252, the access information 253, and a file name 
254 are written in the data control table 105. Here, data ID 25 1 are the file name of the file A taken 
out via the network. The encryption information 252 consists of a cipher system 261 and a 
cryptographic key 262. A cipher system 261 is a cipher system contained in the file B taken out via 
the network. A cryptographic key 262 is a decryption key contained in the file B taken out via the 
network. The access information 253 is the access information taken out via the network. A file name 
254 is a file name of the file A taken out via the network. 

[0021] A cipher system 203 shows the cipher system at the time of enciphering the contents read 
from "CD" or "DVD", when data format 201 is "CD" or "DVD." According to the example shown in 
this drawing, a cipher system is RSA when data format 201 is "CD" or "DVD." When data format 
201 is "negotiation contents", the cipher system 203 is not memorized. 

[0022] The cryptographic key creation approach 204 shows how to create the cryptographic key used 
with a cipher system 203. According to the example shown in this drawing, when data format 201 is 
"CD" or "DVD", the cryptographic key creation approach 204 is random-number generation. 
Furthermore, when data format 201 is "DVD", the die length of the music currently recorded on the 
head of DVD is considered as the seed in the case of random-number generation. When data format 
201 is "negotiation contents", the cryptographic key creation approach 204 is not memorized. 
[0023] The access management method 205 is a script about access information. When data format 
201 is "CD", the access management method 205 consists of a script shown below. Also about the 
:ase where data format 201 is "DVD", the access management method 205 is the same as that of the 
script shown below. 

'Step 1) The access information 222 on the access managed table 102 classified by data format is 
*ead, and it writes in the data control table 105. 

0024] When data format 201 is "negotiation contents", the access management method 205 is not 



memorized. The access existence information 206 shows whether access information is added. The 
access existence information 206 shows that access information is not added in the case of "0", and, 
in the case of "1", it is shown that access information is added. Since access information is added 
when the access existence information 206 is "0" and data format 201 is "negotiation contents", since 
access information is not added in the example of the control approach storage table 101 classified by 
data format shown in drawing 4 when data format 201 is "CD" or "DVD", the access existence 
information 206 is " 1 ." 

(Access managed table 102 classified by data format) The access managed table 102 classified by 
data format has remembered two or more groups with the access information 222 to be data format 
221, as shown in drawing 5 . 

[0025] Data format 221 consists of "CD" or "DVD" in which it is shown that they are the contents by 
which reading appearance was carried out from record media, such as CD and DVD. Data format 
221 does not contain "negotiation contents." The access information 222 consists of playback access 
231, sound recording access 232, and migration access 233. It is shown whether the playback access 
231, the sound recording access 232, and the migration access 233 permit playback of contents, 
sound recording, and migration to a user, respectively. "It is possible" shows authorization of 
playback of contents, sound recording, and migration, and "it is impossible" shows disapproval for 
playback of contents, sound recording, and migration. 

(Data control table 105) The data control table 105 has memorized two or more groups of data ID 
251, the encryption information 252, the access information 253, and a file name 254, as shown in 
drawing 6 . 

[0026] Each class supports each contents and one to one which are memorized by the data storage 
section 106. Data ID 251 are an identifier which identifies each contents. The encryption information 
252 consists of a cipher system 261 and a cryptographic key 262. A cipher system 261 is a cipher 
system used when the contents identified with data ID 25 1 were enciphered. A cryptographic key 
262 is a cryptographic key used when the contents identified with data ID 25 1 were enciphered. 
[0027] The access information 253 consists of playback access 271, sound recording access 272, and 
migration access 273. It is shown whether the playback access 271, the sound recording access 272, 
and the migration access 273 permit playback of the contents identified with data ID 251 to a user, 
respectively, sound recording, and migration. "It is possible" shows authorization of playback of 
contents, sound recording, and migration, and "it is impossible" shows disapproval for playback of 
contents, sound recording, and migration. 

[0028] A file name 254 is a file stored in the data storage section 106, and is a file name of the file 
containing the contents identified with data ID 251. A file identification child, SEPARETA ".", and 
file classification "dat" are combined, and a file name 254 is constituted. The file identification child 
of a file name 254 has the same identifier as data ID 25 1 . 

[0029] In this drawing, a group 281 is an example in case data format is "CD", and a group 282 is an 
example in case data format is a "music content." 

(Data registration section 104) The data registration section 104 receives negotiation contents, the 
file name of File A, and the distinction information that shows that they are negotiation contents 
from the data-format distinction section 103. Moreover, the data registration section 104 receives the 
contents which are not enciphered and the distinction information which shows CD or DVD. 
[0030] The data registration section 104 will perform the script currently recorded on ejection and 
the taken-out data storage approach 202 from the control approach storage table 101 classified by 
data format in the data storage approach 202 corresponding to the data format 201 which is 
"negotiation contents", if the distinction information which shows that they are negotiation contents 
is received from the data-format distinction section 103. 

[0031] The data registration section 104 will perform the script currently recorded on ejection and 
the taken-out data storage approach 202 from the control approach storage table 101 classified by 
data format in the data storage approach 202 corresponding to the data format 201 which is "CD", if 
the distinction information which shows that it is "CD" is received from the data-format distinction 
section 103. It is also the same as when the data registration section 104 receives the distinction 



information which shows that it is "DVD." 

(Data storage section 106) The data storage section 106 is the same file format as the negotiation 
contents which consist of a file A and a file B, and has memorized contents. 

1.2 Explain actuation of the data control equipment 100 of data control equipment 100 of operation 
using the flow chart shown in drawing 7 . 

[0032] The data- format distinction section 103 from the exterior negotiation contents Ejection and 
the taken-out negotiation contents, The file name of File A and the distinction information which 
shows that they are negotiation contents are outputted to the data registration section 104. Or the 
contents which the data- format distinction section 103 read the contents which are not enciphered 
from CD or DVD with which it was equipped, and were read and which are not enciphered, The 
distinction information which shows CD or DVD is outputted to the data registration section 104. 
The data registration section 104 From the data-format distinction section 103, negotiation contents, 
the file name of File A, and the distinction information that shows that they are negotiation contents 
Reception, Or the data registration section 104 receives the contents which are not enciphered and 
the distinction information which shows CD or DVD (step S101). 

[0033] If the distinction information which shows that they are negotiation contents is received from 
the data-format distinction section 103 (steps SI 03 -SI 04), the data registration section 104 From the 
control approach storage table 101 classified by data format, the data storage approach 202 
corresponding to the data format 201 which is "negotiation contents" Ejection, By performing the 
script currently recorded on the taken-out data storage approach 202 The file A containing the 
encryption contents taken out via the network is written in the data storage section 106 (step SI 05). 
Data ID 251, the encryption information 252, the access information 253, and a file name 254 are 
written in the data control table 105 (step SI 06). 

[0034] If the distinction information which shows that it is "CD" is received from the data-format 
distinction section 103 (step SI 03), the data registration section 104 By performing the script 
currently recorded on ejection and the taken-out data storage approach 202 from the control approach 
storage table 101 classified by data format in the data storage approach 202 corresponding to the data 
format 201 which is "CD" Using the cryptographic key creation approach 204 corresponding to the 
data format 201 which is "CD", create a cryptographic key (step Sill) and with the cipher system 
203 corresponding to the data format 201 which is "CD" Encipher the contents read from CD using 
said created cryptographic key, and encryption contents are generated (step SI 12). The generated 
encryption contents are written in the data storage section 106 (step SI 13). According to the script 
currently recorded on the access management method 205, the access information 222 corresponding 
to the data format 221 which is "CD" is read from the access managed table 102 classified by data 
format (step SI 14). According to the script currently recorded on the access management method 
205, data ID 251, the encryption information 252, the access information 253, and a file name 254 
are written in the data control table 105. The encryption information 252 and the access information 
253 are written in the data storage section 106 (step SI 15). 

1.3 a conclusion — in case playback, migration, a copy, etc. are processed like "negotiation contents" 
in this way according to the gestalt 1 of operation by enciphering contents and adding access 
information with the cipher system decided beforehand even case [ like the contents which carried 
out reading appearance from CD with which the contents which are not enciphered are recorded ], a 
work can be protected by adding a fixed limit. 

[0035] Moreover, even when a new data format is developed and added, it can respond to a new data 
format easily by adding and writing a new data format, the data storage approach and a cipher 
system, the cryptographic key creation approach, an access management method, and access 
information in the control approach storage table 101 classified by data format, and the access 
managed table 102 classified by data format. 

2 Explain another data control equipment 800 as a gestalt of one operation concerning gestalt 2 this 
invention of operation. 

[0036] Data control equipment 800 is connected to the networks 20, such as the Internet and a cable 
TV, through the communication line 10, as shown in drawing 8 . The accounting server 40 which 



supplies the access [ countervalue / in the case of using Web server 30 which supplies the music 
information containing the contents about music, and contents ] information according to reception 
and a countervalue is connected to the network 20. Data control equipment 800 memorizes the music 
information which acquired music information and was acquired inside from Web server 30, pays the 
countervalue in the case of using contents to the accounting server 40, and receives the access 
information according to a countervalue. Moreover, the music information containing the contents 
about music is read from CD300, and read-out music information is memorized inside. Moreover, 
based on said received access information, data control equipment 800 reproduces said memorized 
music information, and outputs it by the loudspeaker 154. 

[0037] Moreover, data control equipment 800 writes said memorized music information in a record 
medium 811 based on said received access information. The pocket player 401 is equipped by the 
user, and the record medium 811 with which music information was written in reproduces the music 
information written in the record medium 811, and outputs the pocket player 401 to headphone 402. 
Here, a record medium 8 11 is a semi-conductor memory card as an example. 
[0038] Thus, a user can enjoy music. 

2.1 The configuration data control equipment 800 of data control equipment 800 consists of the data- 
format distinction section 801, the data format section 802, the access managed table 803 classified 
by data format, the encryption section 804, the data storage section 805, two or more data-format 
data control table 807, the accounting section 808, the data control section 809, the format 
conversion section 810, the input section 812, and a control approach storage table 813 classified by 
data format, as shown in drawing 9 . 

[0039] Like data control equipment 100, data control equipment 800 consisted of a microprocessor, 
RAM, a display, a loudspeaker, the record-medium I/O section, a hard disk, a keyboard, the 
communications department, and the read-out section, and, specifically, the communications 
department is connecting it to a communication line. The computer program is memorized by the 
hard disk and the data-format distinction section 801, the encryption section 804, the accounting 
section 808, the data control section 809, and the format conversion section 810 attain the function to 
it by performing said computer program memorized by said hard disk by said microprocessor. 
Moreover, the access managed table 803 classified by data format, the data storage section 805, and 
the two or more data-format data control control approach storage table 807 and 813 classified by 
data format consist of said hard disks for the data-format distinction section 801 and the accounting 
section 808 including said communications department. 

(Input section 812) The input section 812 consists of said keyboards etc., and, specifically, receives 
from a user the input of the contents identifier which discriminates contents from the supplying 
agency information which shows the supply origin of contents, and the usage of contents. 
[0040] Here, supplying agency information shows whether it is the exterior connected via a network, 
or they are record media, such as CD and DVD. The usage of contents is playback of contents, 
record, or migration. The input section 812 outputs the supplying agency information that the input 
was received, and the contents identifier which identifies contents to the data-format distinction 
section 801. Moreover, the input section 812 outputs the supplying agency information that the input 
was received, the contents identifier which identifies contents, and the usage of contents to the data 
control section 809. 

(Data-format distinction section 801) The data-format distinction section 801 receives supplying 
agency information and the contents identifier which identifies contents from the input section 812. 
[0041] The data-format distinction section 801 is connected with the exterior via networks, such as 
the Internet and a cable TV, like the data-format distinction section 103 of data control equipment 
100. The data-format distinction section 801 will take out the negotiation contents identified by said 
received contents identifier from the exterior, if the supplying agency information which shows the 
exterior connected via a network is received from the input section 812. Said negotiation contents 
consist of a file A and a file B. File A contains encryption contents, such as an enciphered music 
content. File B contains the access information which shows authorization and the disapproval of 
playback of File A, sound recording, and migration, the cipher system which enciphered said 



encryption contents, and the decryption key of said encryption contents. The data-format distinction 
section 801 outputs the taken-out negotiation contents, the file name of File A, and the distinction 
information which shows that they are negotiation contents to the data format section 802. 
[0042] The data-format distinction section 801 is equipped with the read-out section of the record 
medium of CD and DVD again. If the supplying agency information which shows record media, 
such as CD and DVD, is received from the input section 812, from CD with which the 
aforementioned read-out section was equipped, or DVD, the data- format distinction section 801 will 
read the contents which are identified by said contents identifier and which are not enciphered, and 
will output the read contents which are not enciphered and the distinction information which shows 
CD or DVD to the data format section 802. 

(Access managed table 803 classified by data format) Since the access managed table 803 classified 
by data format is the same as the access managed table 102 classified by data format of data control 
equipment 100, explanation is omitted. 

(The control approach storage table 813 classified by data format) The control approach storage table 
813 classified by data format has memorized two or more groups of data format 951, a cipher system 

952, and the cryptographic key creation approach 953, as shown in drawing 10 . 

[0043] Distinction of whether data format 951 is the contents to which reading appearance of the 
contents was carried out from which record media, such as CD or DVD, is shown. "CD" and "DVD" 
show the contents by which reading appearance was carried out from CD and DVD, respectively. A 
cipher system 952 shows the cipher system at the time of enciphering the contents read from "CD" or 
"DVD", when data format 951 is "CD" or "DVD." According to the example shown in this drawing, 
when data format 95 1 is "CD" or "DVD", both cipher systems are RSA. 

[0044] The cryptographic key creation approach 953 shows how to create the cryptographic key used 
with the cipher system shown by the cipher system 952. According to the example shown in this 
drawing, when data format 951 is "CD" or "DVD", both the cryptographic key creation approaches 
953 are random-number generation. Furthermore, when data format 951 is "DVD", the die length of 
the music currently recorded on the head of DVD is considered as the seed in the case of random- 
number generation. 

(Data format section 802) The data format section 802 receives negotiation contents, the file name of 
File A, and the distinction information that shows that they are negotiation contents from the data- 
format distinction section 801. Moreover, the data format section 802 receives the contents which are 
not enciphered and the distinction information which shows CD or DVD. 
[0045] A random number will be generated and the data format section 802 will generate the 
character string of 6 figures which identifies contents based on the generated random number, if the 
distinction information which shows CD or DVD is received from the data-format distinction section 
801. The data format section 802 reads the access information 222 corresponding to the data format 
221 which is in agreement with said received distinction information from the access managed table 
803 classified by data format. 

[0046] Moreover, from the control approach storage table 813 classified by data format, the data 
format section 802 reads the cipher system 952 and the cryptographic key creation approach 953 
corresponding to the data format 951 which is in agreement with said received distinction 
information, and generates a cryptographic key using the read cryptographic key creation approach 

953. Next, the data format section 802 uses said generated character string of 6 figures as data ID 
911. Make said read cipher system 952 into a cipher system 921, and said generated cryptographic 
key is made into a cryptographic key 922. said access information 222 which carried out reading 
appearance is made into the access information 913, said generated character string of 6 figures is 
nade into a file identification child, said file identification child, SEPARETA and file 
:lassification M dat" are combined, a file name 914 is generated, and data format 915 is set to "CD." 
Data ID 911, the encryption information 912, the access information 913, a file name 914, and data 
format 915 are written in two or more data-format data control table 807. Here, the encryption 
nformation 912 consists of a cipher system 921 and a cryptographic key 922. 

0047] Furthermore, the data format section 802 outputs the received contents which are not 



enciphered, said read cipher system 952, said generated cryptographic key, and a file name 914 to the 
encryption section 804. If the distinction information which shows that they are negotiation contents 
is- received from the data-format distinction section 801, the data format section 802 The file 
identification child who constitutes the file name of said received file A is used as data ID 91 1. The 
cipher system contained in said received negotiation contents is made into a cipher system 92 1 . The 
decryption key contained in said received negotiation contents is made into a cryptographic key 922, 
and access information included in said received negotiation contents is made into the access 
information 913, make the file name of said received file A into a file name 914, and let data format 
915 be "negotiation contents." Data ID 91 1, the encryption information 912, the access information 
913, a file name 914, and data format 915 are written in two or more data-format data control table 
807. Here, the encryption information 912 consists of a cipher system 921 and a cryptographic key 
922. Next, the data format section 802 writes said received negotiation contents in the data storage 
section 805 by making the file name of said received file A into a file name. 

(Encryption section 804) The encryption section 804 receives the contents which are not enciphered, 
a cipher system 952, said cryptographic key, and a file name 914 from the data format section 802. 
[0048] If the contents which are not enciphered, a cipher system 952, said cryptographic key, and a 
file name 914 are received, the encryption section 804 will encipher the contents which are not 
enciphered with a cipher system 952 using said cryptographic key, and will write the encryption 
contents which generated and generated encryption contents in the data storage section 805 by 
making a file name 914 into a file name. 

(Data storage section 805) The data storage section 805 has memorized the negotiation contents 
which the encryption contents generated by the encryption section 804 and the data format section 
802 received. 

(Two or more data-format data control table 807) Two or more data-format data control table 807 
remembers groups with data format 915 to be data ID 91 1, the encryption information 912, the 
access information 913, and a file name 914, as shown in drawing 1 1 . 

[0049] Each class supports each contents and one to one which are memorized by the data storage 
section 805. The encryption information 912 consists of a cipher system 921 and a cryptographic key 
922, and the access information 913 consists of playback access 923, sound recording access 924, 
and migration access 925. 

[0050] Since it is the same as the data ID 251 of the data control table of data control equipment 100, 
a cipher system 261, a cryptographic key 262, the playback access 271, the sound recording access 
272, the migration access 273, and a file name 254, data ID 91 1, a cipher system 921, a 
cryptographic key 922, the playback access 923, the sound recording access 924, the migration 
access 925, and a file name 914 omit explanation, respectively. 

[0051] Data format 915 shows distinction of whether contents are the contents taken out via the 
network, or to be the contents read from record media, such as CD and DVD. "Negotiation contents" 
shows the contents taken out via the network, and "CD" and "DVD" show the contents read from CD 
and DVD, respectively. 

[0052] In this drawing, a group 901 is an example in case data format is "CD", and a group 902 is an 
example in case data format is "negotiation contents." 

(Accounting section 808) The accounting section 808 is connected with the exterior via networks, 
such as the Internet and a cable TV. 

[0053] The accounting section 808 receives the contents identifier which identifies contents, and the 
usage of contents from the data control section 809. The accounting section 808 performs accounting 
which pays the countervalue in the case of using the contents identified by said received contents 
identifier by the usage of said received contents to the exterior, and receives the access information 
according to said usage from said exterior. The playback access of contents, sound recording access, 
and migration access are contained in access information. 

0054] The accounting section 808 transposes the access information 913 corresponding to the data 
[D 91 1 which have the same content as said received contents identifier in two or more data-format 
data control table 807 to the access information received from said exterior. 



(Dafe control section 809) The data control section 809 receives supplying agency information, the 
contents identifier which identifies contents, and the usage of contents from the input section 812. 
[0055] The data control section 809 compares the access information 913 corresponding to the data 
ID 91 1 which have the same content as said received contents identifier in two or more data-format 
data control table 807 with said received usage, and utilization by said received usage judges how 
**** is. The data control section 809 will judge with it being available, if the playback access 923 is 
"possible" when said received usage is playback, and if the playback access 923 is "impossible", 
specifically, it will judge with utilization being impossible. If the sound recording access 924 is 
"possible" when said received usage is sound recording, it will judge with it being available, and if 
the sound recording access 924 is "impossible", it will judge with utilization being impossible. If the 
migration access 925 is "possible" when said received usage is migration, it will judge with it being 
available, and if the migration access 925 is "impossible", it will judge with utilization being 
impossible. 

[0056] When that it can use judges, the data control section 809 directs to write in the contents which 
changed the contents which will be identified by said received contents identifier to the format 
conversion section 810 based on the sound recording access 924 if sound recording is possible into 
the format to the record medium equipped by the format conversion section 810, and were changed 
into said record medium, and outputs said received contents identifier to the format conversion 
section 810. 

[0057] The data control section 809 ends processing, when that it cannot use judges and said supply 
[ which was received ] former information shows record media, such as CD and DVD. The data 
control section 809 outputs said received contents identifier and the usage of contents to the 
accounting section 808, when that it cannot use judges and it is shown that it is the exterior where 
said supply [ which was received ] former information is connected via a network. When the 
judgment of utilization is again performed after termination of the accounting by the accounting 
section 808 and that it can use judges, as mentioned above, the data control section 809 directs to 
write in the contents which changed into the format to a record medium the contents identified by 
said contents identifier to the format conversion section 810, and were changed into said record 
medium, and outputs said received contents identifier to the format conversion section 810. 
(Format conversion section 810) The format conversion section 810 is equipped with the write-in 
section to a record medium 811. 

[0058] The format conversion section 810 receives directions of format conversion, and a contents 
identifier from the data control section 809. If directions of format conversion are received from the 
data control section 809, the format conversion section 810 reads the contents identified by said 
received contents identifier from the data storage section 805, will be changed into the format to the 
record medium 811 equipped with the read contents by the format conversion section 810, and will 
write the changed contents in a record medium 811. 

(Record medium 81 1) A record medium 811 is a record medium which consists of semiconductor 
memory, a DVD-RAM, etc., and the format conversion section 810 is equipped with it. A record 
medium 81 1 records the changed contents by the format conversion section 810. 2.2 Explain the 
actuation at the time of the data control equipment 800 of data control equipment 800 of operation 
taking out contents from record media, such as the exterior, or CD, DVD, using the flow chart shown 
in drawing 12 . 

[0059] The input section 812 receives the input of supplying agency information, the contents 
identifier which identifies contents, and the usage of contents, and the data-format distinction section 
801 reads the contents which are discriminated from ejection, CD, or DVD by said contents identifier 
in the negotiation contents discriminated from the exterior by said received contents identifier and 
which are not enciphered from a user (step SI 001). 

[0060] When the distinction information which shows CD or DVD is received from the data-format 
distinction section 801 (step SI 002), the data format section 802 the data format section 802 The 
contents which read access information from the access managed table 803 classified by data format, 
read the cipher system and the cryptographic key creation approach from the control approach 



storage tal5le 813 classified by data format, generated the cryptographic key, and were received and 
which are not enciphered, Said read cipher system 952, said generated cryptographic key, and a file 
name 914 are outputted to the encryption section 804. The encryption section 804 The contents 
which are not enciphered are enciphered with a cipher system 952 using said cryptographic key. 
Encryption contents are generated and the generated encryption contents are written in the data 
storage section 805 using a file name 914 (step S1006). The data format section 802 Data ID 91 1, the 
encryption information 912, the access information 913, a file name 914, and data format 915 are 
written in two or more data-format data control table 807 (step SI 007). 

[0061] If the distinction information which shows that they are negotiation contents is received from 
the data-format distinction section 801 (steps S1002-S1003), the data format section 802 The data 
format section 802 on two or more data- format data control table 807 Data ID 91 1 The encryption 
information 912, the access information 913, a file name 914, and data format 915 are written in 
(step SI 004). Next, the data format section 802 Said received negotiation contents are written in the 
data storage section 805 using the file name of said received file A (step S1005). 
[0062] Next, the actuation at the time of data control equipment 800 writing contents in a record 
medium 8 1 1 is explained using the flow chart shown in drawing 13 . The contents identifier to which 
the data control section 809 discriminates supplying agency information and contents from the input 
section 812, The usage of contents reception (step SI 101) and the data control section 809 The 
access information 913 corresponding to the data ID 91 1 which have the same content as said 
received contents identifier in two or more data-format data control table 807, When said received 
usage is compared, utilization by said received usage judges how **** is and that it can use judges, 
if sound recording is possible, based on (step SI 102) and the sound recording access 924 The 
contents identified by said received contents identifier to the format conversion section 810 It 
changes into the format to the record medium with which the format conversion section 810 is 
equipped. It directs to write in the contents changed into said record medium, and said received 
contents identifier is outputted to the format conversion section 810. The format conversion section 
810 The contents identified by said received contents identifier are read from the data storage section 
805. It changes into the format to the record medium 811 equipped with the read contents by the 
format conversion section 810, and the changed contents are written in a record medium 811 (step 
SI 103). 

[0063] The data control section 809 ends (step SI 104) and processing, when that it cannot use judges 
and it is shown that (step SI 102) and said supply [ which was received ] former information are 
record media, such as CD and DVD. When that it cannot use judges, the data control section 809 
(Step SI 102), When it is shown that it is the exterior where said supply [ which was received ] 
former information is connected via a network, (step SI 104) and said received contents identifier, 
The usage of contents is outputted to the accounting section 808. The accounting section 808 The 
accounting which pays the countervalue in the case of using the contents identified by said received 
contents identifier by the usage of said received contents Carry out to the exterior and the access 
information according to said usage From said outside to reception The access information 913 
corresponding to the data ID 91 1 which have the same content as said received contents identifier in 
two or more data-format data control table 807 It transposes to the access information received from 
said exterior (step SI 105), and control is moved to step SI 102, and again, when carrying out a 
utilization judging and judging with it being available, the contents to a record medium 811 are 
written in. 

2.3 If equipped with the record medium 81 1 with which contents are recorded, the pocket player 401 
Docket player 401 will reproduce the contents which read contents and were read from a record 
nedium 811, and will output them to headphone 402. 

2.4 In Collecting, and Taking Out Contents via Network in this Way according to the Gestalt 2 of 
Dperation In writing the negotiation contents which consist of contents, access information, and 
encryption information in the data storage section as it is and reading contents from record media, 
juch as CD Since only encryption contents are written in the data storage section and data format, 
iccess information, and encryption information are written in two or more data-format data control 



tabli Access* information and encryption information can be further added to the contents read from 
record media, such as CD, it is not necessary to change into the same file format as negotiation 
contents, and the load of equipment can be mitigated. 

3 In the other gestalten of operation of the modification (1) above, data format, such as "DVD- 
Video", "DVD-Audio", and "being the negotiation contents of the data format of a class two or 
more", may be added instead of CD. 

[0064] Moreover, although [ a record medium 811 ] it is a semi-conductor memory card, they may be 
other record media, such as MD. 

(2) In the gestalt of the above-mentioned operation, although [ equipment ] the contents to which it is 
enciphered and access information is added are acquired via networks, such as the Internet, though 
data control equipment acquires the contents to which it is not enciphered and access information is 
not added via a network, it is good. It sets on the control approach storage table 101 classified by 
data format to the contents of such a class. It has the same data storage approach as "CD" or "DVD", 
a cipher system, the cryptographic key creation approach, an access management method, and access 
existence information. The data registration section 104 Like "CD" or "DVD", an encryption key is 
created, contents are enciphered, encryption contents are written in the data storage section 106, and 
Data ID, encryption information, access information, and a file name are written in the data control 
table 105. 

(3) You may make it be a degree in the gestalt of the above-mentioned operation. The format 
conversion section 810 writes the access information which consists of the playback access to which 
"it is possible" was set, sound recording access to which "it is impossible" was set, and migration 
access to which "it is impossible" was set further in a record medium 81 1. If equipped with the 
record medium 811 with which the access information which consists of contents, and the playback 
access to which "it is possible" was set, the sound recording access to which "it is impossible" was 
set and the migration access to which "it is impossible" was set is recorded, the pocket player 401 
Access information is read from a record medium 811, playback access judges whether it is 
"possible", and if it is "possible", the contents currently recorded on the record medium 811 will be 
reproduced. If playback access is "impossible", playback of the contents currently recorded on the 
record medium 811 will not be performed. 

(4) In the gestalt of the above-mentioned operation, the playback access and sound recording access 
which constitute access information, and migration access Although it is shown whether playback of 
contents, sound recording, and migration are permitted to a user, respectively, "it is possible" shows 
authorization of playback of contents, sound recording, and migration and "it is impossible" shows 
disapproval for playback of contents, sound recording, and migration It is good though playback 
access, sound recording access, and migration access are counts which permit playback of contents, 
sound recording, and migration to a user, respectively. It is permitted that a user performs playback 
of contents, sound recording, and migration within the limits of the aforementioned count. If 
playback of contents, sound recording, and migration are performed once, the value of 1 will be 
subtracted from the count of each. 

[0065] Moreover, though said access information is length which permits playback, sound recording, 
and migration, it is good. It is permitted that a user performs playback of contents, sound recording, 
and migration within the permitted length. 

(5) In the gestalt of the above-mentioned operation, although music information is acquired, 
memorized, reproduced, moved and recorded on videotape from record media, such as CD, through a 
network, don't restrict to music information. It is good though it is the multimedia information (for 
example, HTML document) containing static-image information, dynamic-image information, the 
film information that consists of voice and a dynamic image, a computer program, text, control 
information, text, a static image, a dynamic image, voice, etc. 

(6) Though this invention is an approach shown above, it is good. Moreover, though it is the 
computer program which realizes these approaches by computer, it is good, and it is good though it is 
the digital signal which consists of said computer program. 

[0066] Moreover, this invention is good also as what recorded said computer program or said digital 



signal on tfie record medium in which computer reading is possible, for example, a floppy 
(trademark) disk, a hard disk, CD-ROM, MO and DVD, DVD-ROM, DVD-RAM, semiconductor 
memory, etc. Moreover, it is good though it is said computer program currently recorded on these 
record media, or said digital signal. 

[0067] Moreover, this invention is good also as what is transmitted via the network where said 
computer program or said digital signal is used into a telecommunication circuit, wireless, or a wire 
communication circuit, and it uses the Internet representation, moreover, the thing for which said 
program is recorded on said record medium, and is transported - or by transporting said program via 
a network etc., though carried out according to other independent computer systems, it is good. 
(7) It is good though the gestalt and the above-mentioned modification of the above-mentioned 
implementation are combined, respectively. 
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DESCRIPTION OF DRAWINGS 
[Brief Description of the Drawings] 

[Drawing 1] It is the conceptual diagram showing the utilization gestalt of the data control equipment 
100 as a gestalt of one operation concerning this invention. 

[Drawing 2] It is the block diagram showing the configuration of data control equipment 100. 
[Drawing 3] It is the block diagram showing the concrete configuration of data control equipment 
100. 

[Drawing 4] An example of the control approach storage table 101 classified by data format of data 
control equipment 100 is shown. 

[Drawing 5] An example of the access managed table 102 classified by data format of data control 
equipment 1 00 is shown. 

[Drawing 6] An example of the data control table 105 of data control equipment 100 is shown. 
[Drawing 7] It is the flow chart which shows actuation of data control equipment 100. 
[Drawing 8] It is the conceptual diagram showing the utilization gestalt of another data control 
equipment 800 as a gestalt of one operation concerning this invention. 

[Drawing 9] It is the block diagram showing the configuration of data control equipment 800. 
[Drawing 10] An example of the control approach storage table 813 classified by data format of data 
control equipment 800 is shown. 

[Drawing 11] An example of two or more data-format data control table 807 of data control 
equipment 800 is shown. 

[Drawing 12] It is the flow chart which shows the actuation at the time of data control equipment 800 
taking out contents from record media, such as the exterior, or CD, DVD. 

[Drawing 13] It is the flow chart which shows the actuation at the time of data control equipment 800 

writing contents in a record medium 811. 

[Description of Notations] 

10 Communication Line 

20 Network 

30 Web Server 

40 Accounting Server 

1 00 Data Control Equipment 

101 The Control Approach Storage Table Classified by Data Format 

102 Access Managed Table Classified by Data Format 

103 Data-Format Distinction Section 

104 Data Registration Section 

105 Data Control Table 

106 Data Storage Section 

800 Data Control Equipment 

801 Data-Format Distinction Section 

802 Data Format Section 

803 Access Managed Table Classified by Data Format 

804 Encryption Section 



805 Data Storage Section 

807 Two or More Data-Format Data Control Table 

808 Accounting Section 

809 Data Control Section 

810 Format Conversion Section 

811 Record Medium 

812 Input Section 

813 The Control Approach Storage Table Classified by Data Format 
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